Next Event - 14th Nov 2019 - Reading Football Club Conference & Events Centre, (Formally - Madejski Football Stadium), Reading (UK)

At our last event in May the ICO said the big fines were coming... and they have. Marriott & British Airways have been fined a combined £300m over GDPR data breaches involving millions of customers personal information being compromised. Businesses now more than ever need to focus on improving their own security infrastructure and all other facets of protecting personal data in line with the GDPR to avoid facing similar penalties.

It is widely reported that over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts.

What to expect from the conference:

  • Hear about the ICO’s approach to fines during the first 18 months since GDPR implementation and what is next?
  • Learn from the many businesses who will be presenting their best Practices by Department focusing on IT, Security, Compliance , HR, Marketing and Finance.
  • A host of DPO’s will describe how the people in your organisation are always going to make mistakes or behave unexpectedly putting you at risk but what are the practical steps to further protect sensitive information and how to deliver it.
  • Preparing your breach response plan. How to best engage with the ICO after a breach. What should be reported and how?
  • Share and learn from others who are at varying stages of their Data Protection journeys.
  • Engage with a variety of suppliers helping with the key challenges.
  • And finally whatever happens on the 31st Oct Brexit deadline our suite of speakers will be on hand to describe if anything changes

Next Event - 14th Nov 2019 - Madejski Football Stadium​

Use the below buttons/tags to filter the sessions that are of interest to you

Keynote Presentation

From Spreadsheets to Streamlined: Automating the Third-Party Vendor Risk Lifecycle

Linda Thielová - Data Privacy Counsel at OneTrust Privacy

Managing third-party vendor risk before, during and after onboarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and effectively work together during an audit, incident – or much more.

In this session, we'll breakdown a six-step approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice to automate third-party privacy and security risk programs.


Why ‘doing’ data protection doesn’t work – we need to live it

Emma Martin - Data Protection Commissioner at Office of the Data Protection Authority

We are all immersed in a world that is increasingly fuelled by data. But there is an growing disconnect between those that build, control and benefit from the technology and the individuals whose personal information sits at its heart.

Data has the power to change people’s lives, influence elections and make or break businesses. But the law is only ever going to be one of a myriad of factors influencing people’s behaviour and attitudes and the speed of technological advancement means that law will always be playing catch up.

Enforcement and big fines matter to raise awareness, punish and deter poor compliance but the harm is almost always already done and data harms are real.

How can we reframe and broaden the conversation to ensure we embed the protection of data into everything we do, retaining the human qualities and freedoms we all too often take for granted both in our professional as well as our personal lives?


GDPR In The Real World – The Devil in the Detail of Consent

Adrian Jolly - Cyber Security | Compliance Lead at Sports & Stadia Portfolio

The sporting world throws up a range of GDPR challenges.

From fan consents to the holding of player medical records. From working with minors through the academy structures to the interaction between clubs and their foundations. Mike Bohndiek, Managing Director at PTI Consulting – a specialist sports technology and compliance advisory group – will share insight from their client base which ranges from the Ryder Cup to Premiership Rugby clubs and a wealth of football clubs.


Opening Pandoras Box

James Oakley - Author | Marketing Strategist

Actionable strategies to significantly increase your lead generation and sales ROI from marketing campaigns in a post GDPR world.

With changes to company marketing strategies brought around by data protection, James provides expertise if you're looking to maximise return on your marketing investment in a post GDPR world. Small or large, your company will benefit from these advanced strategies in addition to learning how to prepare for future changes to the marketing and data protection relationship.

James Oakley is a serial entrepreneur, author and speaker. He leads James Oakley Media; the ROI focused Digital Marketing Agency. He is recognised as one of the leading mobile marketing strategists, and was featured on the BBC and Radio 5’s Wake up to Money.

Silent Presentation

Building An Effective Privacy And Data Protection Team

Rob Masson - CEO at The DPO Centre

As The Role Of The Dpo Evolves And Data Protection Considerations Become Increasingly Important To Many Business Operations, Many Organisations Are Developing New Strategies To Embed A Culture Of Data Protection Into Their Teams. Robert Masson, Ceo Of The Dpo Centre Will Discuss Some Of The Latest Practices And Technologies Being Adopted To Address These Issues.


The Opportunities that GDPR Investments can bring to your Business.

Christel Cao-Delebarre - Global Privacy Officer at Carlson Wagonlit Travel

We often focus on the obligations and costs of GDPR compliance. While these are very real, the time has perhaps come to envisage GDPR also as an investment for new business opportunities. From enhancing customer service to improving supplier selection, optimizing business processes and clarifying roles and responsibilities including strategizing on corporate liability and security risk profile, GDPR may also be approached as a business differentiator leading to revenue growth. In fact, EU institutions claim that companies seeking to expand in Europe will create a whopping 2.3 billion euros in revenue per year by adopting GDPR-compliant cross-border data transfer schemes. This session looks at how to mitigate the regulatory risks while also attracting and retaining new business to eventually turn GDPR into a profit centre.


A new paradigm for data protection

Ardi Kolah - Data Protection Officer at Hitachi Consulting

In the session Ardi will describe how GDPR forces us to press the reset button and look at reviewing and measuring the maturity level of your Data Governance.


From Theory to Practice: Implementing Data Protection by Design in Business Processes?

Dr. David Reeve - Head of Information | Data & Analytics at Jisc

Now that the spotlight on data protection is dimming the challenge for data protection officers is embedding into an organisations processes and practices.

Dr Reeve focuses on data protection by design, a legal requirement to embed data protection at the design of new services and processes.

This paper looks at the practical examples and approaches to this new requirements


GDPR – Organisational Controls, how to make Data Protection second nature

Lesley Holmes - Data Protection Officer at MHR

A brief look at the implications of Article 32 and the organisational measures needed to ensure the appropriate level of security.

This session will look at what organisations need to consider when embedding Data Protection into the psyche of their employees day to day work.


Digital Policies

Roxanne Morison - Head of Digital Policy at CBI (Confederation of British Industry)

The CBI speaks on behalf of 190,000 businesses of all sizes and sectors. Together they employ nearly 7 million people, about one third of the private sector-employed workforce. With 13 offices around the UK as well as representation in Brussels, Washington, Beijing and Delhi, the CBI communicates the British business voice around the world.

Roxanne Morison is Head of Digital Policy at CBI and she's hooked on being at the heart of the big policy debates of the technology era. She has extensive UK and EU digital & tech public policy knowledge, a track record of developing campaigns from inception to launch and engaging government and stakeholders across industry.


A focus on digital marketing and digital advertising: Are you ready to meet your new obligations?

Ivana Bartoletti - Head of Privacy & Data Protection | Samuel Plantié - Principal Data Protection Consultant at Gemserv

In the past months, Data Protection Authorities in Europe, and especially the Information Commissioner’s Office, have launched several ground-breaking initiatives on online advertising.

The digital advertising landscape is changing rapidly, with far-reaching consequences for organisations, advertisers and website editors alike.

In this session, we will present and discuss the practical consequences of the new and forthcoming changes, and advise on how to carry out successful campaigns in compliance with the new obligations, including the requirement to collect data from internet users, in particular around cookie consent banners.


Developing a culture of privacy compliance

Ben Westwood - Associate Director, Privacy and Data Protection at IHS Markit

Developing a culture of privacy compliance is critical to the success of any modern privacy program. Businesses need to move away from the box ticking exercise and build a framework that embeds a culture of privacy across the entire organisation. But, from a practical standpoint, how can this be achieved? This talk provides real world examples and strategies for driving cultural change within organisations.


Facial Recognition presentation

William Richmond-Coggan - Director at Freeths

Director in the dispute resolution team at Freeths LLP, a leading national firm, working primarily from their Oxford office. I specialise in:

  • contentious and non-contentious data privacy work, including GDPR and ePrivacy
  • high value complex technology disputes
  • contentious trust and probate law
  • negligence claims against professional advisers
  • litigation with an off-shore component
  • defamation proceedings

I am a solicitor-advocate with higher rights of audience enabling me to conduct trial advocacy up to Court of Appeal level, and have considerable experience of advocacy at County Court and High Court levels. Until 2018 I was the Chair of the Solicitors Association of Higher Court Advocates and remain an active committee member.


Pinnacles and Pitfalls: The Challenges of a New DPO Role

Tim Burnett - DPO at Sykes Cottages

After 15 years as an information security professional at a large, global consulting and outsource company with multi-national clients, I took the opportunity to move to a small but rapidly growing company with their own challenges around security and compliance and, especially, the protection of personal data. Just under a year in, this is a review of my experience: the highs and lows; specific challenges and learning experiences, not least the challenges of international data transfers and processing.

Can Artificial Intelligence and Data Privacy co-exist?

Jaya Handa

We are entering a technological revolution with artificial intelligence promising to revolutionise sectors from insurance to education to healthcare. Companies of all sizes are embarking upon a race to build better automated systems with more precise outcomes utilising large data sets and consuming vast amounts of personal data. However, data protection and data privacy are often seen as an obstacle to this development as global privacy laws are based upon the principles of purpose limitation, data minimisation and transparency. How can we utilise Artificial Intelligence whilst complying with data protection laws? This session will explore these issues.

Jaya is the Privacy Director at Liberty Specialty Markets, the international specialty division of Liberty Mutual Insurance Company, a US headquartered Fortune 100 company. Jaya acts as the Group Data Protection Officer in Europe and has the responsibility for data protection across Europe, Middle East, Latin America, Bermuda and Asia Pacific. Jaya is a Consultative Expert On Digital Ethics in Insurance for EIOPA, a member of the European Commission’s AI Alliance and is heavily involved…